Downloader for Image is promoted as a browser extension that enables users to download images from websites. However, during our testing, we discovered that it generates advertisements, making it an advertising-supported application. It should be emphasized that such applications are often distrib
Tywd is a type of ransomware that encrypts files stored on a victim's computer and demands payment in exchange for decryption tools. Our team stumbled upon Tywd while monitoring the VirusTotal website for newly submitted malware samples. Tywd appends the ".tywd" extension to the filename of each e
During our analysis of malware samples recently submitted to VirusTotal, our team discovered a ransomware called Tycx. Further investigation revealed that Tycx belongs to the Djvu ransomware family, and it is programmed to encrypt files, append the ".tycx" extension to their filenames, and generat
Our researchers found the eutrack[.]work rogue webpage while inspecting suspect websites. Ir operates by pushing browser notification spam and redirecting visitors to other (likely untrustworthy/harmful) sites. Most users enter pages like eutrack[.]work through redirects caused by websites that us
While investigating suspicious sites, our researchers found the tomp3[.]cc webpage. This is a YouTube converter/downloader, i.e., it allows users to convert the URLs of videos hosted on said platform into downloadable MP3 files. This service infringes copyright laws. Furthermore, tomp3[.]cc is mo
After analyzing this email, our team has concluded that its intent is to deceive recipients into divulging personal information. Such emails are commonly known as phishing emails. The email in question alleges that the recipient has won a lottery, but all of the claims made in the email are false.
During our examination of Lowdown, we found that this program displays annoying advertisements that can open untrustworthy websites. Therefore, we classified Lowdown as adware. In most cases, users download and install advertising-supported software without knowing that the installed software disp
Our inspection of the "Voice Message In Your Office365 Extension" email revealed that it is spam. This fake letter is presented as a notification from Microsoft regarding a voice message sent to the recipient. It must be stressed that this phishing email is in no way associated with Microsoft or a
We have examined ptilselr[.]com and found that the purpose of this site is to trick visitors into agreeing to receive notifications. It uses a clickbait technique to deceive visitors. Our team discovered ptilselr[.]com while inspecting websites that use rogue advertising networks. When vis
After inspecting the "Hydro Group Purchase Order" email, we determined that it is malspam – spam proliferating malware. The fake letter is presented as a purchase order from Hydro Group, and it must be emphasized that this legitimate company is in no way associated with this spam. The file attache